POLÍTICA DE PRIVACIDAD
AQUAPARK COSTA TEGUISE S.L. informs you that, in accordance with the provisions of Regulation (EU) 2016/679 of April 27 (GDPR) and Organic Law 3/2018 of December 5 on data protection and guarantee of digital rights (LOPDGDD), we will process your data as set out in this Privacy Policy.
In this Privacy Policy, we describe how we collect your personal data and why we collect it, what we do with it, who we share it with, how we protect it, and your options regarding the processing of your personal data.
This Policy applies to the processing of your personal data collected by the company for the provision of its services. If you fill out any of our forms, you must first accept the terms of this Policy, and we will keep a record of that acceptance.
1. DATA CONTROLLER
The data controller is:
- Aquapark Costa Teguise S.L.
- B-76278720
- Avenida del Golf s/n, Costa Teguise, C.P. 35508, Las Palmas
- info@aquaparklanzarote.es
2. PURPOSE, LEGITIMACY, AND RETENTION
PURPOSE OF PROCESSING:
On behalf of Aquapark Costa Teguise, we process data to:
- Offer you our services, respond to your requests, attend to your inquiries, answer your questions, and send commercial communications.
- Manage online ticket sales through an external ticketing platform. ∙ Manage access to and use of the facilities.
- Respond to queries made via the web form.
- Manage reservations and contracted services.
- Manage customer reviews and ratings.
- Send commercial communications (if authorized by the user).
- Comply with legal and tax obligations.
- Ensuring the safety of people and facilities through video surveillance systems.
- Managing the collection and sale of photographs taken within the park by an authorized external company.
LEGITIMACY
The legal basis for data processing is:
-
Execution of contract (purchase of tickets and services).
- Consent of the interested party (forms, newsletters, and reviews). ∙ Legal obligation (tax and accounting regulations).
- Legitimate interest (security of facilities).
RETENTION
The data will be retained for as long as there is mutual interest or for the legally required periods.
- Billing data: 6 years (legal obligation).
- Commercial data: until consent is withdrawn.
- Video surveillance: maximum 30 days unless legally required.
3. DATA RECIPIENTS
The following may have access to the data:
-
External ticket sales platform (as data processor). ∙ Authorized external photography company within the park.
- Hosting and technology service providers.
- Tax and accounting advisors.
- State security forces and bodies in the event of a legal request. No data will be transferred to third parties unless legally required.
- También recogemos de forma automática datos sobre su visita a nuestro sitio web, según se describe en la política de cookies.
4. PHOTOGRAPHS INSIDE THE PARK
Photographs taken inside the park are managed by an authorized external company. This company acts as the data controller or processor depending on the service contracted.
In the event of the capture and publication of identifiable images, the corresponding consent will be requested, especially when minors are involved.
5. VIDEO SURVEILLANCE
The facilities have a video surveillance system in order to guarantee the safety of people and property.
There are information signs in the areas under video surveillance in accordance with current regulations.
6. USER RIGHTS
You may exercise your rights of:
- Access
- Rectification
- Erasure
- Objection
- Restriction
- Portability
By sending a request to: info@aquaparklanzarote.es indicating “data protection” in the subject line.
You may also submit a complaint.
7. PRIVACY POLICY UPDATES
We strive to continuously improve our services, processes, and the protection of data subjects’ rights, which is why we will update this privacy policy periodically. We advise you to consult it regularly.
